Skip to main content
Elsevier
View Cart

Books in Information systems general

BooksJournals

    • Professional Penetration Testing

      Creating and Learning in a Hacking Lab
      • 3rd Edition
      • Thomas Wilhelm
      • English
      Professional Penetration Testing: Creating and Learning in a Hacking Lab, Third Edition walks the reader through the entire process of setting up and running a pen test lab. Penetration testing—the act of testing a computer network to find security vulnerabilities before they are maliciously exploited—is a crucial component of information security in any organization. Chapters cover planning, metrics, and methodologies, the details of running a pen test, including identifying and verifying vulnerabilities, and archiving, reporting and management practices. The material presented will be useful to beginners through advanced practitioners.Here, author Thomas Wilhelm has delivered penetration testing training to countless security professionals, and now through the pages of this book, the reader can benefit from his years of experience as a professional penetration tester and educator. After reading this book, the reader will be able to create a personal penetration test lab that can deal with real-world vulnerability scenarios. "...this is a detailed and thorough examination of both the technicalities and the business of pen-testing, and an excellent starting point for anyone getting into the field." –Network Security

    • Computational Frameworks

      Systems, Models and Applications
      • 1st Edition
      • Mamadou Kaba Traore
      • English
      Computational Frameworks: Systems, Models and Applications provides an overview of advanced perspectives that bridges the gap between frontline research and practical efforts. It is unique in showing the interdisciplinary nature of this area and the way in which it interacts with emerging technologies and techniques. As computational systems are a dominating part of daily lives and a required support for most of the engineering sciences, this book explores their usage (e.g. big data, high performance clusters, databases and information systems, integrated and embedded hardware/software components, smart devices, mobile and pervasive networks, cyber physical systems, etc.).

    • Security Controls Evaluation, Testing, and Assessment Handbook

      • 1st Edition
      • Leighton Johnson
      • English
      Security Controls Evaluation, Testing, and Assessment Handbook provides a current and well-developed approach to evaluation and testing of security controls to prove they are functioning correctly in today's IT systems. This handbook shows you how to evaluate, examine, and test installed security controls in the world of threats and potential breach actions surrounding all industries and systems. If a system is subject to external or internal threats and vulnerabilities - which most are - then this book will provide a useful handbook for how to evaluate the effectiveness of the security controls that are in place. Security Controls Evaluation, Testing, and Assessment Handbook shows you what your security controls are doing and how they are standing up to various inside and outside threats. This handbook provides guidance and techniques for evaluating and testing various computer security controls in IT systems. Author Leighton Johnson shows you how to take FISMA, NIST Guidance, and DOD actions and provide a detailed, hands-on guide to performing assessment events for information security professionals who work with US federal agencies. As of March 2014, all agencies are following the same guidelines under the NIST-based Risk Management Framework. This handbook uses the DOD Knowledge Service and the NIST Families assessment guides as the basis for needs assessment, requirements, and evaluation efforts for all of the security controls. Each of the controls can and should be evaluated in its own unique way, through testing, examination, and key personnel interviews. Each of these methods is discussed.

    • Breaking into Information Security

      Crafting a Custom Career Path to Get the Job You Really Want
      • 1st Edition
      • Josh More + 2 more
      • English
      Whether you want to break into information security, move from one job to another, or transition into management, Breaking into Information Security will help. No other book surveys all the different jobs available in the industry, frankly discusses the positives and negatives of each, and what you need to learn to get into and out of each role. Unlike books that focus on a specific skill set or on how to gain a certification or get a job, this book encompasses the "big picture," including why certifications, if any, are worthwhile for you. In a profession where new career paths aren’t always clear, Breaking into Information Security will teach you how to identify where you are in your career today, understand where you wish to go, and provide proven methods to get there. From entry-level jobs to the extremely specific skills needed to be an InfoSec consultant, this book covers it all, including in-job skill building, working within the community, and building your skills after hours. If you are seeking to advance in the highly competitive field of information security, this book will give you the edge you need to break in.

    • Building an Intelligence-Led Security Program

      • 1st Edition
      • Allan Liska
      • English
      As recently as five years ago, securing a network meant putting in a firewall, intrusion detection system, and installing antivirus software on the desktop. Unfortunately, attackers have grown more nimble and effective, meaning that traditional security programs are no longer effective. Today's effective cyber security programs take these best practices and overlay them with intelligence. Adding cyber threat intelligence can help security teams uncover events not detected by traditional security platforms and correlate seemingly disparate events across the network. Properly-implemented intelligence also makes the life of the security practitioner easier by helping him more effectively prioritize and respond to security incidents. The problem with current efforts is that many security practitioners don't know how to properly implement an intelligence-led program, or are afraid that it is out of their budget. Building an Intelligence-Led Security Program is the first book to show how to implement an intelligence-led program in your enterprise on any budget. It will show you how to implement a security information a security information and event management system, collect and analyze logs, and how to practice real cyber threat intelligence. You'll learn how to understand your network in-depth so that you can protect it in the best possible way.

    • Predictive Analytics and Data Mining

      Concepts and Practice with RapidMiner
      • 1st Edition
      • Vijay Kotu + 1 more
      • English
      Put Predictive Analytics into ActionLearn the basics of Predictive Analysis and Data Mining through an easy to understand conceptual framework and immediately practice the concepts learned using the open source RapidMiner tool. Whether you are brand new to Data Mining or working on your tenth project, this book will show you how to analyze data, uncover hidden patterns and relationships to aid important decisions and predictions. Data Mining has become an essential tool for any enterprise that collects, stores and processes data as part of its operations. This book is ideal for business users, data analysts, business analysts, business intelligence and data warehousing professionals and for anyone who wants to learn Data Mining.You’ll be able to:1. Gain the necessary knowledge of different data mining techniques, so that you can select the right technique for a given data problem and create a general purpose analytics process.2. Get up and running fast with more than two dozen commonly used powerful algorithms for predictive analytics using practical use cases.3. Implement a simple step-by-step process for predicting an outcome or discovering hidden relationships from the data using RapidMiner, an open source GUI based data mining tool Predictive analytics and Data Mining techniques covered: Exploratory Data Analysis, Visualization, Decision trees, Rule induction, k-Nearest Neighbors, Naïve Bayesian, Artificial Neural Networks, Support Vector machines, Ensemble models, Bagging, Boosting, Random Forests, Linear regression, Logistic regression, Association analysis using Apriori and FP Growth, K-Means clustering, Density based clustering, Self Organizing Maps, Text Mining, Time series forecasting, Anomaly detection and Feature selection. Implementation files can be downloaded from the book companion site at www.LearnPredictiveA...

    • Cyber Reconnaissance, Surveillance and Defense

      • 1st Edition
      • Robert Shimonski
      • English
      At a time when online surveillance and cybercrime techniques are widespread, and are being used by governments, corporations, and individuals, Cyber Reconnaissance, Surveillance and Defense gives you a practical resource that explains how these activities are being carried out and shows how to defend against them. Expert author Rob Shimonski shows you how to carry out advanced IT surveillance and reconnaissance, describes when and how these techniques are used, and provides a full legal background for each threat. To help you understand how to defend against these attacks, this book describes many new and leading-edge surveillance, information-gatherin... and personal exploitation threats taking place today, including Web cam breaches, home privacy systems, physical and logical tracking, phone tracking, picture metadata, physical device tracking and geo-location, social media security, identity theft, social engineering, sniffing, and more.

    • Optimized Cloud Resource Management and Scheduling

      Theories and Practices
      • 1st Edition
      • Wenhong Dr. Tian + 1 more
      • English
      Optimized Cloud Resource Management and Scheduling identifies research directions and technologies that will facilitate efficient management and scheduling of computing resources in cloud data centers supporting scientific, industrial, business, and consumer applications. It serves as a valuable reference for systems architects, practitioners, developers, researchers and graduate level students.

    • Hacking and Penetration Testing with Low Power Devices

      • 1st Edition
      • Philip Polstra
      • English
      Hacking and Penetration Testing with Low Power Devices shows you how to perform penetration tests using small, low-powered devices that are easily hidden and may be battery-powered. It shows how to use an army of devices, costing less than you might spend on a laptop, from distances of a mile or more. Hacking and Penetration Testing with Low Power Devices shows how to use devices running a version of The Deck, a full-featured penetration testing and forensics Linux distribution, and can run for days or weeks on batteries due to their low power consumption. Author Philip Polstra shows how to use various configurations, including a device the size of a deck of cards that can easily be attached to the back of a computer. While each device running The Deck is a full-featured pen-testing platform, connecting systems together via 802.15.3 networking gives you even more power and flexibility. This reference teaches you how to construct and power these devices, install operating systems, and fill out your toolbox of small low-power devices with hundreds of tools and scripts from the book's companion website. Hacking and Pen Testing with Low Power Devices puts all these tools into your hands and will help keep you at the top of your game performing cutting-edge pen tests from anywhere in the world!

    • Building an Information Security Awareness Program

      Defending Against Social Engineering and Technical Threats
      • 1st Edition
      • Bill Gardner + 1 more
      • English
      The best defense against the increasing threat of social engineering attacks is Security Awareness Training to warn your organization's staff of the risk and educate them on how to protect your organization's data. Social engineering is not a new tactic, but Building an Security Awareness Program is the first book that shows you how to build a successful security awareness training program from the ground up. Building an Security Awareness Program provides you with a sound technical basis for developing a new training program. The book also tells you the best ways to garner management support for implementing the program. Author Bill Gardner is one of the founding members of the Security Awareness Training Framework. Here, he walks you through the process of developing an engaging and successful training program for your organization that will help you and your staff defend your systems, networks, mobile devices, and data. Forewords written by Dave Kennedy and Kevin Mitnick!